GitHub overcomes world's largest DDoS attack in under 10 minutes
What's the story
The largest known DDoS attack in the world targeted software development platform GitHub this week, and the latter was impressively able to overcome it in under 10 minutes.
The powerful attack had hit GitHub with an incredible and simultaneous traffic of 1.35 terabits per second.
Overall, GitHub was offline for just five minutes between 17:21-17:26 UTC, with intermittent connectivity between 17:26-17:30 UTC.
Do you know?
What is a DDoS attack?
DDoS, short for distributed denial of service, is a type of a cyber attack which bombards websites and web-based services with huge amounts of traffic to bring them down. Services are forced to get offline since their servers are unable to handle the sudden influx.
Damage
The traffic volume on GitHub was amplified by 50 times
According to GitHub, the attackers hijacked something called "memcaching." It is a distributed memory system that is known for high-performance and demand.
Using this, the attackers massively amplified the traffic volumes on GitHub by around 50 times.
They not only took control of memcached instances that are "inadvertently accessible on the public internet" but also spoofed GitHub's IP address.
Damage Control
Here's how GitHub tackled the issue in less than 10mins
Taking note of the problem, GitHub immediately took help from Akamai Prolexic, a security service that provides fully managed DDoS protection.
It rerouted the traffic hitting GitHub through its own "scrubbing" centers, which removed and blocked malicious and inauthentic data before letting the authentic traffic pass through to the website.
After eight minutes of non-stop assault, the DDoS attack was stopped.
Information
GitHub is a popular software development platform
GitHub is a web-based hosting service which is mostly used as a repository of computer code. It has the world's largest community of developers that collaboratively discover, share, and build software. Today, the leading software development platform has become critical for any company handling code.